Couchbase Support for Node-to-node Encryption

When customers using Couchbase require us to comply with privacy regulations such as HIPAA (financial or healthcare customers, for example), we typically need to provide authentication (LDAP), authorization (RBAC, role-based access control), and encryption. It is also important to support auditing and the redaction of important information, especially in logs (Couchbase supports log redaction using specific tags). Couchbase supports all of these. When it comes to encryption, Couchbase supports node-to-node encryption at multiple levels through a setting at the cluster configuration level. This setting is controlled by the user and can take 3 values:

  1. Control: At this level, only the cluster and server connections to internal services are encrypted. This basically covers the cluster management information and the related internal processes. So, for example, a server-to-query-service connection is encrypted. However, data passed between nodes in the cluster is not encrypted. This is the default behaviour.